Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Archiva ignoring Security.properties

Tags:

repository

archiva

Seems like archiva 2.2 is completely ignoring Security properties
I am following this document: I have set up the security.properties file under 

D:\Apache\Archiva-2.2.0\conf

When I am setting a new password for a user in Archiva UI I am still getting:

     You must provide a password containing at least 1 numeric character(s).

security.properties content:

# Security Policies
#security.policy.password.encoder=
security.policy.password.previous.count=9999
security.policy.password.expiration.days=99999
security.policy.password.expiration.enabled=false
security.policy.allowed.login.attempt=3

# Password Rules
security.policy.password.rule.alphanumeric.enabled=false
security.policy.password.rule.alphacount.enabled=false
security.policy.password.rule.alphacount.minimum=0
security.policy.password.rule.characterlength.enabled=true
security.policy.password.rule.characterlength.minimum=3
security.policy.password.rule.characterlength.maximum=0
security.policy.password.rule.musthave.enabled=false
security.policy.password.rule.numericalcount.enabled=false
security.policy.password.rule.numericalcount.minimum=0
security.policy.password.rule.reuse.enabled=false
security.policy.password.rule.nowhitespace.enabled=true
like image 208
JavaSheriff Avatar asked Feb 08 '23 23:02

JavaSheriff

2 Answers

Stop her running and make a backup of your conf/archiva.xml file.

example:

service archiva stop
cp archiva.xml archiva.xml.orig

Edit the config values you want to modify within the main XML configuration file: conf/archiva.xml

Changing the numeric character count:

<numericalcount>
    <minimum>0</minimum>
    <enabled>false</enabled>
</numericalcount>

Changing the password expiration limit:

<expiration>
    <enabled>false</enabled>
    <days>999999</days>
</expiration>

These values should already be in your config file (they were in mine). Perhaps they were copied there after my unsuccessful attempts to configure them through the web UI.

Additionally, prevent any user caching behaviour while you're making changes:

<useUsersCache>false</useUsersCache>

Start her up again:

service archiva start
like image 197
fr1550n Avatar answered Feb 23 '23 22:02

fr1550n

I found a workaround...

  • stop Archiva
  • Open the Archiva DB using squirrel sql
  • Go to SA/JDOUSER table
  • Column LAST_PASSWORD_CHANGE
  • Right click to make editable
  • Modify the value to 10 years from now...
  • Restart Archiva
  • Get your 10 years of quiet....
like image 41
JavaSheriff Avatar answered Feb 23 '23 22:02

JavaSheriff
Sign in to Comment

Related questions

Doctrine many repository for same entity
when repo sync, it stop at Fetching projects: 100% (293/293), done
@Autowire failing with @Repository
CQRS code duplication in commands

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!